In the field of personal computers (PCs) in recent years, administrator privileges and general user privileges are separated by passwords and a general user of a device is given only a user privilege by setting a password for the general user privilege. In addition, it is common that a security administrator installs special software for managing a device and sets the special software to prohibit connection of external storage devices and/or to prohibit connection of BLUETOOTH (registered trademark) devices so as not to allow a general user to change the settings.
Systems employed in information devices, however, do not have mechanisms for separating privileges by passwords owing to the background that such systems have originally been developed for personal use. Accordingly, even if a security administrator installs special software for managing a device and makes various settings for the device, a general user can change the settings. Furthermore, as described above, if it is attempted to develop and distribute special software (device management applications) for managing a device by different organizations, there are risks that the protocols for data communication between the application and the operating system of a device where an event occurs and between the applications are analyzed and that an unauthorized device management application responds to the device where the event has occurred with a wrongly-altered determination result as to whether or not to permit or prohibit execution of the event that has occurred, which leads to alteration of behavior into behavior different from that intended by the security administrator.